CLAIMS 

1 1. Architecture bf an encryption circuit (1) simultaneously processing various 

2 encryption algorithms, the cinmit being capable of being coupled with a host system (HS) hosted 

3 by a computing machine, charatterized in that the circuit comprises: 

4 - an input/output module\2), responsible for the data exchanges between the host system 

5 (HS) and the circuit ( 1 ) via a dedicated bus (PCI), 

6 - an encryption module (3) cVupled with the input/output module (2), in charge of the 

7 encryption and decryption operations \s well as the storage of all of the circuit's sensitive 
rS8 information (1); and \ 

- isolation means (4) between theViput/output module (2) and the encryption module (3), 

QJO making the sensitive information stored in Vie encryption module (3) inaccessible to the host 

J 1 system (HS) and ensuring the parallelism ofihe operations performed by the input/output 

^2 module (2) and the encryption module (3). \ 

1 2. Architecture according to claim 1 , Vmracterized in that the isolation means of the 

Ni 2 circuit (1) comprises a double-port memory (4) cpjumcd between the input/output module (2) and 

Q 3 the encryption module (3), including its own bus/andNsimultaneously handling the exchange of 

4 data, commands and statuses between the two niodule^(2 and 3), and the isolation between the 

5 two modules (2 and 3). \ 

1 3. Architecture according to either of claims 1 arid 2, characterized in that the 

2 encryption module (3) comprises: \ 

3 - a first encryption sub-module (3|), dedicated to the processing of symmetric encryption 

4 algorithms, coupled with the bus of the dual port memory (4); \ 

5 - a second encryption sub-module (39), dedicated to the processing of asymmetric 

6 encryption algorithms (40) coupled with the bus of the dual-port mefaiory (4) and including a 

7 separate internal bus isolated from the bus of the dual-port memory (4^; and 

8 - a CMOS memory (11) coupled with the dual-port memory (4\via the bus of the dual- 

9 port memory containing the encryption keys. \ 
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4. Architecture according to claim 3, ciiaracterized in that the first encryption sub- 
module (3i) compittses an encryption component (9) coupled with the dual-port memory (4) via 
the bus of the memoiw (4), comprising various encryption automata, respectively dedicated to the 
processing of symmetrtc encryption algorithms, and in that the second encryption sub-module 
(32) comprises at least twfe encryption processors (lOi and IO2), respectively dedicated to the 
processing of asymmetric eV:ryption algorithms, coupled with the encryption module (9) via the 
internal bus of the second subViodule (32), which is isolated from the bus of the dual port 
memory by a bus isolator (14). 



5. Architecture according, to c 
IO2) of the encryption module (3) are o 



aim 4, characterized in that both processors (lOi) and 
CIP type. 



1 6. Architecture according to cl33i^ 4, characterized in that one (lOi) of the 

2 encryption processors (lOj and X^i) is of the C?P type, and in that the other (IO2) is of the ACE 

3 type. 

1 7. Architecture according to claim 4, characterized in that the encryption processor 

2 (IO2) of the ACE type is produced in programmable FP^A technology. 

1 8. Architecture according to any of claims 4 thr^gh 7, characterized in that the 

2 encryption module (9) is of the SCE type. 

1 9. Architecture according to claim 8, characterized in th^t the encryption module (9) 

2 is produced in programmable FPGA technology. 



1 10. Architecture according to any of claims 3 through 9, characterized in that the 

2 second encryption sub-module (32) also comprises a flash memory PROM (l\) and an SRAM 

3 memory (13) coupled with the internal bus of the sub-module (32). 
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1 11. Architds^ure according to any of claims 3 through 10, characterized in that the 

2 CMOS memory (1 1) is pK^tected by security mechanisms (15) that trigger the reset mechanism 

3 of the CMOS memory (1 1) ro case of an alarm. 
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12. Architecture accordmg to any of claims 1 through 1 1, characterized in that the 
input/output module (2) comprises: 



iput/output processor (6i) and a PCI interface (62) 
t cuUng the data transfers between the host system 



- a microcontroller (6) comprisi 
integrating DMA channels responsible fj 
(HS) and the circuit (1); 

- a flash memory (7) containing the code V the input/output processor (61); and 

- an SRAM memory (8) that receives a copjr^f the contents of the flash memory (7) at 
the startup of the input/output processor (61) 



1 13. Architecture according to any of the precedin\claims, comprising a serial link 

2 (SL) that makes it possible to input basic keys through a secure^ath independent of the PCI bus, 

3 characterized in that the link is controlled by the encryption module (3). 



1 14. Architecture according to claim 13, characterized in that the serial link (SL) 

2 allows the downloading of proprietary algorithms into the first encryption sub-module (3i). 
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